Connecting two small offices VPN

K

KuJaX

[H]F Junkie
Joined
Jan 8, 2001
Messages
15,778
I am helping a friend who happens to be an attorney open up a small alternate office that he will spend 2 days out of the week at. Since his server with all of his client information is at the primary location he wants to be able to connect into it through the network. I suggested we setup a VPN.

Its been awhile since I've researched equipment for office to office always on VPN routers and wanted to get your suggestions.

Neither office has more than 5 computers. They will be accessing stuff from the primary office constantly while at the alternative office. The equipment should be always on, secure and good uptime (I don't want calls saying their VPN connection broke).

What $100 to $300 routers would you suggest that are fairly intuitive and have good features for uptime for office to office VPN? I've setup several Cisco PIX 501's in the past but I realize that equipment is outdated and there are, no doubt, significantly better options now.

Thanks!
 
Anything using IPSec should be fine, if you want something cheap that works (very good in my experience) go for an Atheros router, run OpenWRT and setup vtun(d) or whatever floats your boat.
//Danne
 
2 Cisco ASA5505's if you want Cisco. They'd be about 400 each for the 10 user license ones.
2 Mikrotik RB450Gs, about 120 each. You could even go with 2 RB750s for 45 bucks each. They work great for IPSEC tunnels.
 
But for a business wouldn't it be more wise to go more enterprise level equipment like Cisco rather than other names that may not have as many units out in the field or technicians for uptime?
 
I suggest you just tell him to use Hamachi logmein. It's the safest and easiest solution, especially for an attorney. You won't even have to do maintenance on it.

However, if you really want to setup a local VPN, just grab a powerful enough DD-WRT compatible router like the Asus RT-N12, flash it with DD-WRT and setup OpenVPN on it with WAN access. You'll have to secure it and maintain it regularly though in case you know....

EDIT:

Don't get ahead of yourself mate. Why you want enterprise grade equipment for such small offices baffles me...
 
You could get some Cisco small business VPN routers. The RV042 works pretty well and is half the price of a base model ASA 5505.
 
jlocohustler said:
Don't get ahead of yourself mate. Why you want enterprise grade equipment for such small offices baffles me...
Click to expand...

Reason being is because i'll set it up for my friend but I DO NOT want to maintain it. I want the least maintenance item available. Even if it comes at a cost upfront hardware wise.
 
remote desktyop connect to other office computer?

you dont need some "enterprise" level item

heck toss up PFsense or untangle on an older computer, install OpenVPN, connect, done.
 
jlocohustler said:
...use Hamachi logmein. It's the safest and easiest solution...
Click to expand...

I'm not sure how you can possibly claim a service requiring a third party that authenticates and collects information about the session is "safer" than a real VPN such as the other suggestions (IPSEC and OpenVPN)...

MrGuvernment said:
heck toss up PFsense or untangle on an older computer, install OpenVPN, connect, done.
Click to expand...

I have numerous pfSense boxes running OpenVPN (and IPSEC on some older installs) providing permanent tunnels between offices that require zero maintenance. The couple times I've had to deal with them it was hardware or ISP failures. Set up a dial-in option to be able to fix them remotely if the need does arise.
 
FWIW, if your going for embedded you probably want to have a look at something else than OpenVPN if your linespeed is > ~6-7 mbit as its very cpu intensive. vtun(d) uses about 10% on a 266Mhz (on a broadcom mips cpu which really slow nowdays) per mbit. I would guess that quicktun performs equally, OpenVPN used a lot more and didn't even reach linespeed last time I benched it so I assume there's some overhead.
//Danne
 
Add a Sonic Wall TZ100 at both locations and setup the VPN through that. It has the same capabilities of Cisco ASA 5505, but a heck of a lot cheaper. You could also get one with wireless built in if you want wireless.
You even could just use 1 Sonicwall at the main location and have the clients at the offsite location use the ssl-extender VPN that is installed on their computer for the VPN.
 
Zyxel usg 20

Done for ~$150 a side. Cake to setup IPSec

Dead reliable great support
 
Got few ZyWALL 5s running site-to-site IPSec VPNs and they work a treat! About £20 each from eBay...
 
You must log in or register to reply here.
Back
Top